Global forum urges stronger e-commerce security

Global forum urges stronger e-commerce security

The Payment Card Industry Security Standards Council recommends strong security standards in the payment system in order to foster the e-commerce industry in Thailand.

"Asia-Pacific is one of the fastest growing regions for e-commerce and online transactions and hundreds of million dollars are being spent by online shoppers," said Jeremy King, international director of the PCI Security Standards Council.

Thailand is also experiencing tremendous growth and drawing interest as a hub for e-commerce. Apart from the creation of business opportunities, the Thai IT workforce will be afforded the opportunity to become security professionals to serve regional demand.

However, the high volume of money is also attracting fraud and cyberattacks, and deterring customers from utilising the online channel, Mr King.

The Payment Card Industry Security Standard Council (PCI SSC) is a global forum that develops, maintains and manages security standards for payment systems such as PCI Data Security Standard.

"The coming of online channels has made payments even riskier because you don't know if the other side is legitimate or there is a criminal middleman," said Troy Leach, chief technology officer at PCI SSC.

He said one of the biggest challenges facing the industry in Southeast Asia is the weakness of passwords and usernames.

"We need to have good passwords because when you look at the data globally, 63% of all data breaches were due to weak, default or bad passwords, according to Verizon Business Report," Mr Leach said.

He said e-commerce merchants should also make sure that the devices they use have been tested and passed security standards.

PCI SSC general manager Stephen Orfei said that the devaluation of data through different techniques such as EMV (a technical standard for smart payment cards created by Europay, MasterCard, and Visa that store data on integrated circuits in addition to magnetic stripes) at point of sale, point-to-point encryption and tokenisation could prevent criminals accessing obtained data.

"If you properly deploy those three technologies, which are available on a global scale, you devalue the data and make it useless for criminals," Mr Orfei said.

The Bank of Thailand's initiative to adopt chip-embedded cards is upgrading the security of the payment system, despite the expense. In Europe, the adoption of the chip cards has resulted in a significant drop in fraud, he said.

Chalee Vorakulpipat, head of the cybersecurity laboratory at the National Electronics and Computer Technology Center, said that even chip cards, which have been designed to prevent information theft, are still not absolutely safe since the only authentication required is the owner's signature, which can be forged.

He suggested that payment via credit or debit cards can adopt two-way authentication systems such as pin code instead of signatures.

Dynamic authentication that combines methods such as GPS can also be used to detect the transaction locations of credit cards, further enhancing safety.

Mr Chalee said the government should play a greater role in supporting the e-payment system by adopting the system for its own transactions.

Do you like the content of this article?

Man hit, killed by pick-up in Kalasin

KALASIN: An unidentified man was killed after being hit by a pick-up loaded with cargos while crossing a road in Yang Talat district of this northeastern province early on Sunday, police said.


Seach launched for Polish tourist, Thai woman missing in the sea off Phuket

PHUKET: A search has been launched for a male Polish tourist and a Thai woman who went missing while kayaking in the sea off this southern resort province on Saturday afternoon.


Time to end war on city's vendors

The Bangkok Metropolitan Administration (BMA) has reaffirmed its tough stance on sweeping vendors off city pavements by Dec 31, denying previous media reports it would allow vendors back but with certain restrictions. Such a harsh policy will see the capital in tumult.